Ask the Experts

Ask the Experts

• How did WhatsApp vulnerabilities get around encryption?

  WhatsApp vulnerabilities can enable hackers to bypass end-to-end encryption and spoof messages. Expert Michael Cobb explains how these attacks work and how to prevent them.  Continue Reading

• How can users remove Google location tracking completely?

  Disabling Google location tracking involves more than turning off Location History. Learn how to manage your account settings to stop tracking entirely with expert Michael Cobb.  Continue Reading

• How does TLS 1.3 differ from TLS 1.2?

  Compared to TLS 1.2, TLS 1.3 saw improvements in security, performance and privacy. Learn how TLS 1.3 eliminated vulnerabilities using cryptographic algorithms.  Continue Reading

• How do L1TF vulnerabilities compare to Spectre?

  Foreshadow, a set of newly discovered L1TF vulnerabilities, exploits Intel processors via side-channel attacks. Learn about L1TF and its variations from expert Michael Cobb.  Continue Reading

• What are the security risks of third-party app stores?

  Unlike most apps developed in app stores, users can download Fortnite from Epic Games' website. Expert Michael Cobb explains the security risks of third-party app stores.  Continue Reading

• How did the Emotet banking Trojan lead to a rise in attacks?

  A report on cybercrime shows a rise in banking Trojans, such as Emotet, targeting businesses over consumers. Malwarebytes' Adam Kujawa shares his thoughts on what's behind this shift.  Continue Reading

• How was a MikroTik router hack used to hijack traffic?

  Qihoo 360 Netlab researchers found that TZSP traffic was being redirected from vulnerable routers. Learn what this type of traffic is and how this attack is possible.  Continue Reading

• How was a black box attack used to exploit ATM vulnerabilities?

  Researchers from Positive Technologies found flaws affecting NCR ATMs. Discover how these ATM vulnerabilities work and how a patch can mitigate this attack.  Continue Reading

• How were attackers able to bypass 2FA in a Reddit breach?

  Reddit announced a breach after users were socially engineered and attackers bypassed 2FA protocols. Discover how this attack was possible and how sites can avoid falling victim.  Continue Reading

• How container security tools affect overall system security

  Container security continues to be a pressing issue as containers and hosts are being used more frequently. Learn how to keep your enterprise safe with Matt Pascucci.  Continue Reading

• Can a D-Link router vulnerability threaten bank customers?

  A D-Link router vulnerability was used to send banking users to a fake site in order to steal their information. Learn more about this vulnerability with expert Judith Myerson.  Continue Reading

• How does a Bluetooth vulnerability enable validation attacks?

  Bluetooth devices might be at risk after a new Bluetooth vulnerability was found targeting firmware and operating system software drivers. Learn how it works and can be mitigated.  Continue Reading

• How does Thanatos ransomware decryptor tool restore data?

  Cisco Talos' Thanatos ransomware decryptor can recover files affected by new ransomware that won't decrypt ransomed files even when a ransom has been paid.  Continue Reading

• How is the Trezor cryptocurrency online wallet under attack?

  A phishing campaign targeting Trezor wallets may have poisoned DNS or hijacked BGP to gain access. Learn how the attack worked and how to mitigate it with expert Nick Lewis.  Continue Reading

• How does signed software help mitigate malware?

  Okta researchers found a bypass that allows macOS malware to pose as signed Apple files. Discover how this is possible and how to mitigate this attack.  Continue Reading